<?
include('../controller/handler.php');

include('../module/var.inc.php');

session_start();

$hd = new Handler();
$base_url = $hd->getBaseURL();

if($_POST!=NULL && $hd->getPassword()==sha1($_SESSION['password'])) {
	$filename = strtolower(basename($_FILES['userfile']['name']));
	$exts = split("[/\\.]", $filename);
	$exts = $exts[count($exts)-1];
	$uploadfile = '../uploads/'.basename($_FILES['userfile']['name']);
	if(($hd->isImage($filename) || $exts=="pdf" || $exts=="mp4" || $exts=="wmv" || $exts=="flv") &&
		move_uploaded_file($_FILES['userfile']['tmp_name'], $uploadfile)) {
		$hd->writeLog("[FILE] ".strftime("%c")." uploaded ".basename($_FILES['userfile']['name'])." by ".
			$hd->getUsername()." ID=".$_SERVER['REMOTE_ADDR']);
		$feedback = "Upload di <span class=\"italic\">".basename($_FILES['userfile']['name'])."</span> effettuato con successo.";
	} else {
		//$path = "Operazione non consentita";
		$hd->writeLog("[FILE] ".strftime("%c")." uploaded refused ".basename($_FILES['userfile']['name'])." of ".
			$hd->getUsername()." ID=".$_SERVER['REMOTE_ADDR']);
		$feedback = "Impossibile effettuare l'upload del file ".basename($_FILES['userfile']['name']).", verificare che il file ".
			"sia di tipo immagine (.jpg, .jpeg, .gif, .png, .bmp), video (.mp4, .wmv, .flv) o pdf.";
	}
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
	"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="it" lang="it">
<head>
	<? include('../module/head.inc.php'); ?>
	<meta name="robots" content="noindex, nofollow"/>
</head>

<body>
<div id="content">
<?include('../module/header.inc.php');?>

<?if($hd->getPassword()==sha1($_SESSION['password'])) {?>

<div id="panel_form" class="form">
	<div class="upper_bar_main"><div class="upper_bar_round"></div></div>
	<div class="body_main_left">
	<div class="body_main_right">
	<div class="body_main">
	<form id="upload_form" enctype="multipart/form-data" action="file" method="post">
		<h2>Carica file (immagini, video o pdf)</h2>
		<input type="hidden" name="MAX_FILE_SIZE" value="10000000" />
	    Carica file: <input name="userfile" type="file" />
		<p><input type="button" value="Invia &rarr;" onclick="showWaitAdvice(this)" /></p>
	</form>
	<?if($feedback) {?><p id="feedback" class="highline"><?echo $feedback;?></p> <?}?>
	<p class="small admin_action"><a href="<?echo $base_url;?>panel">&larr; Pannello di amministrazione</a></p>
	</div></div></div>
	<div class="lower_bar_main"><div class="lower_bar_round"></div></div>
</div>

<? include('../module/uploaded.img.inc.php'); ?>

<?}?>

<? include('../module/footer.inc.php'); ?>
</div>
</body>
</html>
